Пример #1
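        /// <summary>
        /// Builds a certificate revocation list from the entries returned by <c>Store.GetRevocationList()</c>,
        /// signs it with the RSA key of the CA certificate stored in <c>ca.pfx</c>, and returns it as a
        /// downloadable <c>revoked.crl</c> file.
        /// </summary>
        /// <returns>A file result with content type <c>application/x-pkcs7-crl</c>.</returns>
        /// <exception cref="InvalidOperationException">The CA certificate exposes no RSA private key.</exception>
        public async Task<IActionResult> RevokationList()
        {
            // Query the store first so the CA private key is not held open across the await.
            var results = await Store.GetRevocationList();

            // The PFX contains the CA signing key. Both the certificate and the key object are disposed
            // as soon as the CRL has been serialized; the original never released either of them.
            // NOTE(review): the PFX is read and decrypted on every request; consider caching the signed
            // CRL until NextUpdate so the key is touched less often.
            using (var issuer = new X509Certificate2(Path.Combine(Options.Path, "ca.pfx"), Options.PfxPassphrase))
            using (var signingKey = issuer.GetRSAPrivateKey())
            {
                // GetRSAPrivateKey() returns null for a certificate without an RSA private key. Fail with a
                // clear message instead of handing a null key to the signer (the original `PrivateKey as RSA`
                // cast produced null silently in that case).
                if (signingKey == null)
                {
                    throw new InvalidOperationException("The CA certificate does not contain an RSA private key.");
                }

                var crl = new CertificateRevocationList {
                    // Hex digits only, so invariant lower-casing yields the same text as ToLower().
                    AuthorizationKeyId = issuer.GetSubjectKeyIdentifier().ToLowerInvariant(),
                    // NOTE(review): the issuer name fields are hard-coded rather than read from the issuer
                    // certificate; a CRL whose issuer name differs from the CA subject will not be matched
                    // to that CA by relying parties. Confirm these values equal the subject of ca.pfx.
                    Country            = "GR",
                    Organization       = "Sample Authority",
                    IssuerCommonName   = "Some Cerification Authority CA",
                    // NOTE(review): constant CRL number. RFC 5280 expects the CRL number to increase with
                    // every issued CRL; persist and increment it if clients rely on that ordering.
                    CrlNumber          = 234,
                    // thisUpdate is back-dated two days and the list is declared valid for one more day.
                    EffectiveDate      = DateTime.UtcNow.AddDays(-2),
                    NextUpdate         = DateTime.UtcNow.AddDays(1),
                    Items = results.Select(x => new RevokedCertificate {
                        // NOTE(review): every entry is reported as Superseded, whatever reason the store
                        // may hold for it.
                        ReasonCode     = RevokedCertificate.CRLReasonCode.Superseded,
                        RevocationDate = x.RevocationDate,
                        SerialNumber   = x.SerialNumber
                    })
                            .ToList()
                };
                var crlSeq = new CertificateRevocationListSequence(crl);
                var data   = crlSeq.SignAndSerialize(signingKey);

                return File(data, "application/x-pkcs7-crl", "revoked.crl");
            }
        }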
 /// <summary>
 /// Returns the text used to label a CRL: its friendly name when one is set, otherwise the issuer
 /// name passed through <c>FormatDistinguishedName</c>.
 /// </summary>
 /// <param name="crl">The revocation list to label; it is dereferenced without a null check.</param>
 /// <returns>The friendly name, or the formatted issuer name when the friendly name is null or empty.</returns>
 private string GetCrlDisplayName(CertificateRevocationList crl)
 {
     return string.IsNullOrEmpty(crl.FriendlyName)
         ? FormatDistinguishedName(crl.IssuerName)
         : crl.FriendlyName;
 }
 /// <summary>
 /// Wraps a certificate revocation list in an <c>X509Object</c> bound to the given store.
 /// </summary>
 /// <param name="crl">The revocation list to wrap; must not be null.</param>
 /// <param name="storeName">Store name passed to the <c>X509Object</c> constructor.</param>
 /// <param name="storeLocation">Store location passed to the <c>X509Object</c> constructor.</param>
 /// <returns>
 /// A new <c>X509Object</c> whose <c>Value</c> is <paramref name="crl"/> and whose <c>Data</c> is
 /// <c>crl.RawData</c>.
 /// </returns>
 /// <exception cref="ArgumentNullException"><paramref name="crl"/> is null.</exception>
 public static X509Object Create(CertificateRevocationList crl, string storeName, StoreLocation storeLocation)
 {
     // Reject a missing CRL before RawData is dereferenced below.
     if (crl == null)
     {
         throw new ArgumentNullException("crl");
     }

     // Data is the same reference as crl.RawData, not a copy made here.
     var wrapped = new X509Object(storeName, storeLocation)
     {
         Value = crl,
         Data = crl.RawData
     };
     return wrapped;
 }
Пример #4
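        /// <summary>
        /// Builds a CRL with two fixed sample entries, signs it with the key of a freshly created root CA
        /// certificate, writes the result to <c>my.crl</c> in the current directory, and checks that
        /// signing produced output.
        /// </summary>
        public void Generate_CRL()
        {
            // Decoding an existing CRL is left disabled here, as in the original:
            //byte[] rawData = File.ReadAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "GTSGIAG3.crl"));
            //var decoder = CertificateRevocationListSequence.CreateDecoder();
            //var type = decoder.Decode(rawData);

            // Fixed sample data: the key identifier and serial numbers are literals and are not derived
            // from the CA certificate created below.
            var crl = new CertificateRevocationList()
            {
                AuthorizationKeyId = "77c2b8509a677676b12dc286d083a07ea67eba4b",
                Country            = "GR",
                Organization       = "INDICE OE",
                IssuerCommonName   = "Some Cerification Authority CA",
                CrlNumber          = 234,
                EffectiveDate      = DateTime.UtcNow.AddDays(-2),
                NextUpdate         = DateTime.UtcNow.AddDays(1),
                Items =
                {
                    new RevokedCertificate {
                        ReasonCode     = RevokedCertificate.CRLReasonCode.Superseded,
                        RevocationDate = DateTime.UtcNow.AddHours(-10),
                        SerialNumber   = "05f4102a802b874c"
                    },
                    new RevokedCertificate {
                        ReasonCode     = RevokedCertificate.CRLReasonCode.Superseded,
                        RevocationDate = DateTime.UtcNow.AddHours(-9),
                        SerialNumber   = "174401aea7b9a5de"
                    }
                }
            };
            var crlSeq  = new CertificateRevocationListSequence(crl);
            var manager = new CertificateManager();
            var caCert  = manager.CreateRootCACertificate("identityserver.gr");

            // `as RSA` yields null when the certificate carries a non-RSA key or no key at all; fail the
            // test at this point rather than inside the signer.
            // NOTE(review): if caCert is an X509Certificate2, GetRSAPrivateKey() is the supported accessor
            // on current .NET; confirm the return type of CreateRootCACertificate before switching.
            var signingKey = caCert.PrivateKey as RSA;
            Assert.True(signingKey != null);

            var data = crlSeq.SignAndSerialize(signingKey);

            // The original ended with Assert.True(true), which passes whatever the signer returns.
            Assert.True(data != null && data.Length > 0);

            // Kept from the original: the signed CRL is left in the working directory for manual inspection.
            File.WriteAllBytes(Path.Combine(Directory.GetCurrentDirectory(), "my.crl"), data);
        }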
Пример #5
 /// <summary>
 /// Creates a wrapper that keeps a reference to the supplied revocation list in the <c>crl</c> field.
 /// </summary>
 /// <param name="certificateRevocationList">
 /// The revocation list to wrap. It is stored as given, without a null check or a copy.
 /// </param>
 public CapiCrlWrapper(CertificateRevocationList certificateRevocationList)
 {
     this.crl = certificateRevocationList;
 }